"The whole thing started with maybe a couple of people tending to the firewall for the company, sitting in a lab somewhere with Grateful Dead T-shirts and no one even knowing they're there," Amoroso, who's now a consultant, recalls.

Security has evolved from a backroom operation to an executive priority as organizations have come to understand the value of a risk management strategy, he says.

"We need to look at the CISO role as an executive position with holistic understanding and a more well-rounded background" to help ensure security goals align with business goals, Amoroso says.

Why security experts need to focus less on the motives of attackers and more on prevention and defense.

Amoroso is CEO at TAG Cyber LLC, a cybersecurity advisory, training, consulting and media services company. He previously worked at AT&T for 31 years, most recently serving as senior vice president and chief security officer from 2004 to 2016.

About the Author

A veteran journalist with more than 20 years' experience, Kitten has covered the financial sector for the last 13 years. Before joining Information Security Media Group in 2010, where she now serves as director of global events content and executive editor of BankInfoSecurity and CUInfoSecurity, she covered the financial self-service industry as the senior editor of ATMmarketplace, part of Networld Media. Kitten has been a regular speaker at domestic and international conferences, and was the keynote at ATMIA's U.S. and Canadian conferences in 2009. She has been quoted by CNN.com, ABC News, Bankrate.com and MSN Money.
